Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
youtrack vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-12850
A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168.
Jetbrains Youtrack
4.3
CVSSv3
CVE-2023-50871
In JetBrains YouTrack prior to 2023.3.22268 authorization check for inline comments inside thread replies was missed
Jetbrains Youtrack
5.4
CVSSv3
CVE-2024-22370
In JetBrains YouTrack prior to 2023.3.22666 stored XSS via markdown was possible
Jetbrains Youtrack
8.8
CVSSv3
CVE-2021-25765
In JetBrains YouTrack prior to 2020.4.4701, CSRF via attachment upload was possible.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2021-25766
In JetBrains YouTrack prior to 2020.4.4701, improper resource access checks were made.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2021-25768
In JetBrains YouTrack prior to 2020.4.4701, permissions for attachments actions were checked improperly.
Jetbrains Youtrack
4.3
CVSSv3
CVE-2021-25771
In JetBrains YouTrack prior to 2020.6.1099, project information could be potentially disclosed.
Jetbrains Youtrack
5.4
CVSSv3
CVE-2022-28649
In JetBrains YouTrack prior to 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
Jetbrains Youtrack
8.8
CVSSv3
CVE-2019-12851
A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49852.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2019-12852
An SSRF attack was possible on a JetBrains YouTrack server. The issue (1 of 2) was fixed in JetBrains YouTrack 2018.4.49168.
Jetbrains Youtrack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »